PackageACLOpening and NewMaintainerContainment Re: Plan for tomorrows (20071220) FESCO meeting

[Thorsten Leemhuis]

On 20.12.2007 15:01, Ralf Corsepius wrote:
> On Thu, 2007-12-20 at 09:15 +0100, Thorsten Leemhuis wrote:
>> On 19.12.2007 19:49, Brian Pepple wrote:
>>> /topic MISC -
>>> http://fedoraproject.org/wiki/JesseKeating/PackageACLOpening - f13 
>>>
>>> /topic MISC -
>>> http://fedoraproject.org/wiki/JesseKeating/NewMaintainerContainment -
>>> f13 
>> I'd like to ask FESCo to please not realize the PackageACLOpening
>> proposal without the NewMaintainerContainment.
> -1
> PackageACLOpening is a step into the right direction to colaborative
> maintainership, to less bureaucracy and to a more efficient and flexible
> workflow.

I'm all for "colaborative maintainership,"(I'd call it wiki-style
maintenance effort), but I don't think that means we need to remove all
things that protect the security of the bits we provide.

Opening CVS more sounds to me like having a club house with all the
valuable things that were created over the past years in it and all
inner doors unlocked where every just approved club member gets a key to
the entrance. Would you do that in a club with over 500 members where
it's not that hard to become a club member?

> However, I find coupling it to NewMaintainerContainment would void most
> of the benefits PackageACLOpening opens, because it ties access to a
> small group ("sponsors").

See f13's post, it's not about sponsors, they are just a example and a
group of contributers we trust. I agree with f13 that the group needs to
be bigger then just sponsors (albeit I afaics want it a bit smaller then
what f13 thinks about)

> That said, I think it should be extended to a
> more general notion of "groups", e.g. SIGs, <LANG>-specialists, etc.,
> such that groups on people can collaborate on groups of packages[1].

Sounds good -- maybe that could be added to NewMaintainerContainment, as
the changes that are needed for that are likely similar?

> [...]

CU
thl